Important data is now processed in an increasing number of settings: in automobiles, which are designed with the protection of human life in mind; in embedded terminals that handle electronic money; and in embedded devices such as game consoles that handle content data. In devices like these there is a risk that a malicious third party manipulates the OS or firmware, giving rise to unexpected operation. Secure boot exists in response to this risk, as a technique that allows only the OS and firmware intended by the developer to run.
When a typical embedded device is started, the boot ROM is invoked first and executes its prescribed code in sequence. The boot ROM then invokes more detailed processing, such as the firmware, which in turn invokes the more complex processing of the OS. In this way, each stage in the invocation sequence calls the next, more complex stage.
In a secure boot of an embedded device, therefore, a part that cannot be rewritten, such as the ROM (boot ROM), serves as the trusted starting point of operation, and a hash value of the firmware is calculated each time the firmware is invoked as a child process. If the calculated hash value matches the legitimate hash value for that firmware, stored beforehand in the ROM, the firmware is regarded as authentic and is started. Next, when the OS is invoked as a grandchild process, a hash value is calculated over the OS program. If the calculated hash value matches the legitimate hash value for the OS program, stored beforehand in the child process (the firmware), the OS is regarded as authentic and is started.
By repeating this check at each stage of the secure boot, only the programs intended by the developer are executed. A system using hash values in this way is described in Japanese Patent Application Publication No. 2004-265422, for example.
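The ROM-to-firmware-to-OS chain described above, as an added Python model that is not part of the patent text or of any particular device. It assumes SHA-256 as the hash function (the text only says "hash value"), models the ROM as a single stored firmware hash, and embeds the legitimate OS hash inside the firmware image so that the ROM's check over the firmware also covers that reference value; the image contents are constructed placeholders. The boot function returns the list of stages that were started, so a mismatch at any stage leaves the later stages unstarted.

```python
import hashlib
import hmac

# Constructed sample images; these are placeholders, not real firmware or OS code.
FIRMWARE_CODE = b"FIRMWARE: board init, memory setup, load OS (constructed sample)"
OS_IMAGE = b"OS-PROGRAM: scheduler, drivers, filesystem (constructed sample)"

HASH_LEN = 32  # SHA-256 digest length in bytes (assumed hash function)


def digest(data: bytes) -> bytes:
    """Hash of a program image. SHA-256 is an assumption of this example."""
    return hashlib.sha256(data).digest()


def build_firmware_image(firmware_code: bytes, os_image: bytes) -> bytes:
    """Firmware image = firmware code followed by the legitimate OS hash.

    Storing the child's reference hash inside the parent's image means the
    ROM's hash of the firmware also protects that reference value: an attacker
    cannot swap in a different OS hash without changing the firmware hash too.
    """
    return firmware_code + digest(os_image)


def split_firmware_image(image: bytes) -> tuple[bytes, bytes]:
    """Separate the firmware code from the embedded OS reference hash."""
    return image[:-HASH_LEN], image[-HASH_LEN:]


def build_rom(firmware_image: bytes) -> bytes:
    """Models the non-rewritable ROM: it holds only the legitimate firmware hash."""
    return digest(firmware_image)


def secure_boot(rom_expected_fw_hash: bytes, firmware_image: bytes,
                os_image: bytes) -> list[str]:
    """Run the chain of checks; return the stages that were started, in order.

    Each parent hashes its child and compares against the reference value it
    holds. hmac.compare_digest is used so the comparison time does not depend
    on where the digests first differ.
    """
    started = ["boot ROM"]  # the ROM is the trusted starting point and needs no check

    # Child process: the ROM verifies the firmware against the hash stored in ROM.
    if not hmac.compare_digest(digest(firmware_image), rom_expected_fw_hash):
        return started  # firmware is not authentic; do not start it
    started.append("firmware")

    # Grandchild process: the firmware verifies the OS against the hash it carries.
    _firmware_code, expected_os_hash = split_firmware_image(firmware_image)
    if not hmac.compare_digest(digest(os_image), expected_os_hash):
        return started  # OS is not authentic; do not start it
    started.append("OS")
    return started


if __name__ == "__main__":
    genuine_fw = build_firmware_image(FIRMWARE_CODE, OS_IMAGE)
    rom = build_rom(genuine_fw)

    print("genuine boot:     ", secure_boot(rom, genuine_fw, OS_IMAGE))
    # A modified OS fails the grandchild check; firmware still runs.
    print("tampered OS:      ", secure_boot(rom, genuine_fw, OS_IMAGE + b"\x00"))
    # A modified firmware (even one carrying a matching hash for the modified OS)
    # fails the child check at the ROM, so nothing past the ROM runs.
    rogue_fw = build_firmware_image(FIRMWARE_CODE + b"\x00", OS_IMAGE + b"\x00")
    print("tampered firmware:", secure_boot(rom, rogue_fw, OS_IMAGE + b"\x00"))
```

The third scenario is the one worth noticing: because the OS reference hash lives inside the firmware image, and the ROM hashes the whole image, replacing both the firmware and its embedded OS hash still fails at the first check. The model only covers integrity of the program contents; where a device must also accept updated firmware, the reference stored in ROM is typically a public key rather than a fixed hash, which the patent text does not discuss.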